Hi folks. I’m having another stab at configuring Apache through Yast after I upgraded a host’s OS from a previous version of Suse to the current version (13.2) by way of a fresh installation from scratch. On the previous version, I got SSL working properly in the end, but only after circumventing the YaST configuration module towards the end of the configuration process and then never going back to it. Re-opening YaST’s Apache config module would undo the changes and leave me with a broken sever config again. In other words, I ended up having to resort to a bit of a messy hack to get things working.
This time, however, I’d like to be able to not have to do anything like that at all. I haven’t needed to manually set up symlinks to shmcb.so (like I previouslly needed to) just to make it available to Apache. So I’m keen to avoid having to work around my lack of experience of working with these relatively complicated configurations. I’m used to the very simple configurations that you come out with after compiling Apache from source. You only need to edit 2 config files (httpd.conf and ssl.conf) to set up a single domain after building from source, but patching and maintenance isn’t nearly as straight-forward as zypper patch.
As far as a I can tell, everything would work fine if I could just get the vhost that I configure to become the default host. That seems to be the real problem here though: my lack of experience with vhosts. If i configure a vhost so that it can use SSL, but don’t try to make it the default host, then the domain works perfectly over SSL/TLS, but throws a 400 (Bad Request) when you ask it for anything on port 80. I’m assuming this is because the request must get handled by the default host which, for some reason, can’t handle it because of the presence of the vhost configuration.
If I do try to make the vhost be the default host then the following question appears.
┌──────────────────────────────────────────────────┐ │The current default host will be replaced by │ │the new host and will become a virtual host. │ │ │ │However, the current default host does not have │ │the IP address or the server name specified. │ │Therefore, it is not possible to use it as │ │a virtual host. Verify the suggested values below │ │and click OK to continue with the default host │ │switch. Otherwise click Cancel not to change │ │the default host. │ │Server Name: │ │www.mydomainname.com▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒│ │Server IP Address: │ │▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒↓ │ │ │ │ [Continue][Cancel] │ └──────────────────────────────────────────────────┘
If I just tell it to continue, then the vhost configuration id deleted and the server is restarted where it reverts to responding only on port 80 and browsers, rightly, reporting that SSL isn’t yet properly configured because the only SSL config file has been deleted. The server IP Address drop box has two addresses. Thar first is just the loopback IP 127.0.0.1 and is obviously not what I want and the other is the host’s public IP address. If I select this and continue then all hell breaks loose and I get the worst of both worlds. If I use Firefox to make a request to the domain name on port 80, then Firefox says it’s unable to connect, yet still claims to have somehow gotten a 200 response (probably an issue with the developer toollbar, rather than anything else). If I try an SSL connection then I also get the same thing. Can’t connect but got a 200 anyway.
If I go back to the “Main Host” config page in YaST’s config module, then I find this strange “SSL” option has been added to the configuration, but it has nothing at all in the “Value” column of the page. Pressing enter on the option just seems to ask for a value without giving any hint as to what value is expected. Oh and a few other options seem to have been lopped of the list of the main host config options list too. one of them is (I think) just a reference to a locally stored Apache manual, but I’m guessing the other has something to do with why nothing is working at all any more.
Anyone got any suggestions?